"Auteria Wally Winzer Jr." wrote:
>
> The goal:
>
> To generate a 128-bit self-signed CA.
>
That has little to do with the CA certificate and more to do with the
software being used. If clients can only make 40 bit SSL connections
then the clients probably only support 40 bit SSL (the old export
crippled software) and needs upgrading to 128 bits.
Well actually that's not the whole story. Some certificates signed by a
special CA can enable 40 bit clients to use 128 bit connections but you
can't readily create those yourself because they wont be signed by the
(hard coded) special CA.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
